[aklug] Creepiness? Barracuda SSL man-in-the middle...

From: Christopher Howard <christopher@alaskasi.com>
Date: Tue Feb 16 2016 - 15:54:43 AKST

Thought this is interesting... If you go to a site (e.g., a library)
running a Barracuda CF system, the better models have an SSL takeover
feature, meant to allow SSL packet inspection. Basically it just does
man-in-the-middle and replaces the root certificate with a Barracuda
certificate. The idea is you install the root certificate on all site
systems and then users don't know the difference. I guess the WiFi users
would have to explicitly accept the wrong certificate. Needless to say,
I'll be thinking twice before I click a "Confirm Security Exception"
button again.

-- 
Christopher Howard, Computer Assistant
Alaska Satellite Internet
3239 La Ree Way, Fairbanks, AK 99709
907-451-0088 or 888-396-5623 (toll free)
fax: 888-260-3584
mailto:christopher@alaskasi.com
http://www.alaskasatelliteinternet.com
https://www.linkedin.com/in/christopher-howard-9429ab52
---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Feb 16 14:13:59 2016

This archive was generated by hypermail 2.1.8 : Tue Feb 16 2016 - 14:13:59 AKST